In recent months, cyber threat actors affiliated with Russian military intelligence have launched destructive wiper attacks against energy, water, and other critical infrastructure organizations’ networks in Ukraine as missile strikes knocked out power and water supplies to civilians across the country. Russian military operators also expanded destructive cyberactivity outside Ukraine to Poland, a critical logistics hub, in a possible attempt to disrupt the movement of weapons and supplies to the front.
The recent trends suggest that the world should be prepared for several lines of potential Russian attack in the digital domain over the course of this winter.
- First, we can expect a continuation of Russia’s cyber offensive against Ukrainian critical infrastructure. We should also be prepared for the possibility that Russian military intelligence actors’ recent execution of a ransomware-style attack—known as Prestige—in Poland may be a harbinger of Russia further extending cyberattacks beyond the borders of Ukraine. Such cyber operations may target those countries and companies that are providing Ukraine with vital supply chains of aid and weaponry this winter.
- Second, we should also be prepared for cyber-enabled influence operations that target Europe to be conducted in parallel with cyber threat activity. Russia will seek to exploit cracks in popular support for Ukraine to undermine coalitions essential to Ukraine’s resilience, hoping to impair the humanitarian and military aid flowing to the region. The good news is that, when equipped with more information, a media-savvy public can act with awareness and judgment to counter this threat.
You can support our team and donate to TechUkraine here.